sing-box 手动配置(deb安装)
·
安装sing-box(直接安装到系统目录)
sudo mkdir -p /etc/apt/keyrings &&
sudo curl -fsSL https://sing-box.app/gpg.key -o /etc/apt/keyrings/sagernet.asc &&
sudo chmod a+r /etc/apt/keyrings/sagernet.asc &&
echo '
Types: deb
URIs: https://deb.sagernet.org/
Suites: *
Components: *
Enabled: yes
Signed-By: /etc/apt/keyrings/sagernet.asc
' | sudo tee /etc/apt/sources.list.d/sagernet.sources &&
sudo apt-get update &&
sudo apt-get install sing-box # or sing-box-beta
# manual install
curl -fsSL https://sing-box.app/install.sh | sh
curl -fsSL https://sing-box.app/install.sh | sh -s -- --version 1.12.12
sudo mkdir -p /var/lib/sing-box/ /etc/sing-box/
sudo systemctl start sing-box
# 使用233boy 脚本生成配置时遇到了systemd-unit冲突, 修改了233boy脚本中的unit位置为/etc/
/etc/sing-box/sh/src/systemd.sh
anytls reality 配置
生成reality keypair
/usr/bin/sing-box generate reality-keypair | tee ~/.tmp/anytls-reality-keypair.txt
anytls-reality server 配置
修改password private_key short_id
cat <<EOF | sudo tee /etc/sing-box/anytls-reality.json
{
"inbounds": [
{
"type": "anytls",
"listen": "::",
"listen_port": 56443,
"users": [
{
"name": "user",
"password": "123456"
}
],
"padding_scheme": [
"stop=8",
"0=30-30",
"1=100-400",
"2=400-500,c,500-1000,c,500-1000,c,500-1000,c,500-1000",
"3=9-9,500-1000",
"4=500-1000",
"5=500-1000",
"6=500-1000",
"7=500-1000"
],
"tls": {
"enabled": true,
"server_name": "yahoo.com",
"reality": {
"enabled": true,
"handshake": {
"server": "yahoo.com",
"server_port": 443
},
"private_key": "eO3B3EMGXrYfGOe87NkUVusaeUxtLB4vxiqjVXqb9GU",
"short_id": "0123456789abcdef"
}
}
}
]
}
EOF
anytls-reality client 配置
修改server password public_key short_id
sudo tee /etc/sing-box/client-anytls-reality.json <<EOF
{
"outbounds": [
{
"type": "anytls",
"tag": "anytls-out",
"server": "10.32.118.200",
"server_port": 56443,
"password": "123456",
"idle_session_check_interval": "30s",
"idle_session_timeout": "30s",
"min_idle_session": 5,
"tls": {
"enabled": true,
"disable_sni": false,
"server_name": "yahoo.com",
"insecure": false,
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "u4v3a_-uhIXPE2RoGaNy9_W5EK5UYV_hVN4Vpei75lM",
"short_id": "0123456789abcdef"
}
}
}
]
}
EOF
vless-reality 配置
/usr/bin/sing-box generate uuid
/usr/bin/sing-box generate reality-keypair | tee ~/.tmp/vless-reality-keypair.txt
vless-reality server 配置
修改password private_key short_id
cat <<EOF | sudo tee /etc/sing-box/vless-reality.json
{
"inbounds": [
{
"tag": "VLESS-REALITY-33584.json",
"type": "vless",
"listen": "::",
"listen_port": 33584,
"users": [
{
"flow": "xtls-rprx-vision",
"uuid": "xxxxxxxx-cbef-4811-a3f0-d10733e669cd"
}
],
"tls": {
"enabled": true,
"server_name": "aws.amazon.com",
"reality": {
"enabled": true,
"handshake": {
"server": "aws.amazon.com",
"server_port": 443
},
"private_key": "xxxxxxxx_GoOG9l7xvyT_zJuh4wyHyacXGdUWiuhJGg",
"short_id": [
""
]
}
}
}
]
}
EOF
vless reality client 端基础配置
修改uuid public_key
sudo tee /etc/sing-box/client-vless-reality.json <<EOF
{
"outbounds": [
{
"type": "vless",
"tag": "vless-out",
"server": "10.50.228.53",
"server_port": 13584,
"uuid": "211d952d-cbef-4811-a3f0-xxxxxxxxxxxx",
"flow": "xtls-rprx-vision",
"network": "tcp",
"tls": {
"enabled": true,
"disable_sni": false,
"server_name": "aws.amazon.com",
"utls": {
"enabled": true,
"fingerprint": "chrome"
},
"reality": {
"enabled": true,
"public_key": "xxxxxx-3J5ReO_EpOBSix7PYhFOzaor0r8xQtEUdjS8",
"short_id": ""
}
}
}
]
}
EOF
vless-ws-tls 配置
anytls-ws-tls 配置
xhttp 配置
xhttp 服务端配置
sudo tee /etc/sing-box/client-xhttp-tls.json <<EOF
{
"inbounds": [
{
"tag": "VLESS-HTTPUpgrade-TLS-box2.peter.com.json",
"type": "vless",
"listen": "0.0.0.0",
"listen_port": 443,
"users": [
{
"uuid": "a1b9a65d-e65a-409c-92e3-c038dd808642"
}
],
"transport": {
"type": "httpupgrade",
"path": "/xxxxxxxx-e65a-409c-92e3-c038dd808642",
"headers": {
"host": "box2.peter.com"
}
},
"tls": {
"enabled": true,
"server_name": "box2.peter.com",
"alpn": ["h2"]
}
}
]
}
EOF
xhttp 客户端配置
sudo tee /etc/sing-box/client-xhttp-tls.json <<EOF
{
"outbounds": [
{
"server": "www.visa.com",
"server_port": 443,
"uuid": "xxxxxxxx-e65a-409c-92e3-c038dd808642",
"packet_encoding": "xudp",
"type": "vless",
"tag": "proxy",
"tls": {
"enabled": true,
"server_name": "box2.peter.com",
"insecure": false
},
"transport": {
"type": "httpupgrade",
"host": "box2.peter.com",
"path": "/xxxxxxxx-e65a-409c-92e3-c038dd808642"
}
}
]
}
EOF
hysteria2 配置
hysteria2 server 配置
{
"inbounds": [
{
"tag": "Hysteria2-55003.json",
"type": "hysteria2",
"listen": "::",
"listen_port": 55003,
"users": [
{
"password": "xxxxxxxx-c295-4b16-a518-b721343e7d1c"
}
],
"tls": {
"enabled": true,
"alpn": [
"h3"
],
"key_path": "/etc/sing-box/bin/tls.key",
"certificate_path": "/etc/sing-box/bin/tls.cer"
}
}
]
}
hysteria2 client 配置
{
"outbounds": [
{
"type": "hysteria2",
"server": "10.50.228.53",
"server_port": 55003,
"up_mbps": 100,
"down_mbps": 100,
"password": "xxxxxxxx-c295-4b16-a518-b721343e7d1c",
"tls": {
"enabled": true,
"insecure":true
}
}
]
}
grpc 配置
client 基础配置
sudo tee /etc/sing-box/client-config.json <<EOF
{
"log": {
"disabled": false,
"level": "debug",
"output": "",
"timestamp": true
},
"experimental": {
"clash_api": {
"external_controller": "127.0.0.1:10807",
"external_ui": "ui",
"external_ui_download_url": "https://github.com/MetaCubeX/metacubexd/archive/gh-pages.zip",
"external_ui_download_detour": "vless-out",
"default_mode": "rule",
"access_control_allow_origin": [ "*" ],
"access_control_allow_private_network": false
},
"cache_file": {
"enabled": true,
"path": "cache.db",
"cache_id": "",
"store_fakeip": true,
"store_rdrc": true,
"rdrc_timeout": "7d"
}
},
"inbounds": [
{
"address": ["172.18.0.1/30", "fdfe:dcba:9876::1/126"],
"route_address": ["0.0.0.0/1", "128.0.0.0/1", "::/1", "8000::/1"],
"route_exclude_address": [
"192.168.0.0/16",
"10.0.0.0/8",
"172.16.0.0/12",
"fc00::/7"
],
"auto_route": true,
"strict_route": true,
"type": "tun"
},
{
"type": "mixed",
"tag": "mixed-in",
"listen": "127.0.0.1",
"listen_port": 10806,
"tcp_fast_open": false,
"tcp_multi_path": false,
"udp_fragment": false
}
],
"outbounds": [
{
"type": "selector",
"tag": "🚀 Select",
"interrupt_exist_connections": true,
"outbounds": [
"vless-out",
"🎈 Auto"
]
},
{
"type": "urltest",
"tag": "🎈 Auto",
"url": "https://www.gstatic.com/generate_204",
"interval": "3m",
"tolerance": 150,
"interrupt_exist_connections": true,
"outbounds": [
"vless-out"
]
},
{
"type": "direct",
"tag": "🎯 Direct"
},
{
"type": "selector",
"tag": "🐟 Fallback",
"interrupt_exist_connections": true,
"outbounds": [
"🚀 Select",
"🎯 Direct"
]
},
{
"type": "selector",
"tag": "GLOBAL",
"interrupt_exist_connections": true,
"outbounds": [
"🚀 Select",
"🎈 Auto",
"🎯 Direct",
"🐟 Fallback"
]
},
],
"route": {
"rules": [
{
"action": "hijack-dns",
"protocol": "dns"
},
{
"action": "route",
"clash_mode": "direct",
"outbound": "🎯 Direct"
},
{
"action": "route",
"clash_mode": "global",
"outbound": "GLOBAL"
},
{
"action": "route",
"network": "icmp",
"outbound": "🎯 Direct"
},
{
"action": "reject",
"protocol": "quic"
},
{
"action": "reject",
"rule_set": [
"Category-Ads"
]
},
{
"action": "route",
"rule_set": [
"GeoSite-Private"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoSite-CN"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoIP-Private"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoIP-CN"
],
"outbound": "🎯 Direct"
},
{
"action": "route",
"rule_set": [
"GeoLocation-!CN"
],
"outbound": "🚀 Select"
}
],
"rule_set": [
{
"tag": "Category-Ads",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/category-ads-all.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoIP-Private",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/private.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoSite-Private",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/private.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoIP-CN",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geoip/cn.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoSite-CN",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/cn.srs",
"format": "binary",
"download_detour": "🎯 Direct"
},
{
"tag": "GeoLocation-!CN",
"type": "remote",
"url": "https://testingcf.jsdelivr.net/gh/MetaCubeX/meta-rules-dat@sing/geo/geosite/geolocation-!cn.srs",
"format": "binary",
"download_detour": "🎯 Direct"
}
],
"auto_detect_interface": true,
"final": "🐟 Fallback",
"default_domain_resolver": {
"server": "Local-DNS"
}
},
"dns": {
"servers": [
{
"tag": "Local-DNS",
"type": "https",
"domain_resolver": "Local-DNS-Resolver",
"server_port": 443,
"server": "223.5.5.5",
"path": "/dns-query"
},
{
"tag": "Local-DNS-Resolver",
"type": "udp",
"server_port": 53,
"server": "223.5.5.5"
},
{
"tag": "Remote-DNS",
"type": "tls",
"detour": "🚀 Select",
"domain_resolver": "Remote-DNS-Resolver",
"server_port": 853,
"server": "8.8.8.8"
},
{
"tag": "Remote-DNS-Resolver",
"type": "udp",
"detour": "🚀 Select",
"server_port": 53,
"server": "8.8.8.8"
}
],
"rules": [
{
"action": "route",
"clash_mode": "direct",
"server": "Local-DNS"
},
{
"action": "route",
"clash_mode": "global",
"server": "Remote-DNS"
},
{
"action": "route",
"rule_set": [
"GeoSite-CN"
],
"server": "Local-DNS"
},
{
"action": "route",
"rule_set": [
"GeoLocation-!CN"
],
"server": "Remote-DNS"
}
],
"disable_cache": false,
"disable_expire": false,
"independent_cache": false,
"final": "Remote-DNS"
}
}
EOF
andriod 版本使用
/usr/bin/sing-box -C /etc/sing-box/ merge ~/.tmp/sing-box.merge.conf